#include "../lib/crypto/crypto.h"
#include "lib/util/iov_buf.h"
+#ifndef HAVE_GNUTLS_AES_CMAC
+#include "lib/crypto/aes.h"
+#include "lib/crypto/aes_cmac_128.h"
+#endif
+
#include "lib/crypto/gnutls_helpers.h"
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
SIVAL(hdr, SMB2_HDR_FLAGS, IVAL(hdr, SMB2_HDR_FLAGS) | SMB2_HDR_FLAG_SIGNED);
if (protocol >= PROTOCOL_SMB2_24) {
+#ifdef HAVE_GNUTLS_AES_CMAC
+ gnutls_datum_t key = {
+ .data = signing_key->blob.data,
+ .size = MIN(signing_key->blob.length, 16),
+ };
+ int rc;
+
+ if (signing_key->hmac_hnd == NULL) {
+ rc = gnutls_hmac_init(&signing_key->hmac_hnd,
+ GNUTLS_MAC_AES_CMAC_128,
+ key.data,
+ key.size);
+ if (rc < 0) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+
+ for (i = 0; i < count; i++) {
+ rc = gnutls_hmac(signing_key->hmac_hnd,
+ vector[i].iov_base,
+ vector[i].iov_len);
+ if (rc < 0) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ }
+ gnutls_hmac_output(signing_key->hmac_hnd, res);
+#else /* NOT HAVE_GNUTLS_AES_CMAC */
struct aes_cmac_128_context ctx;
uint8_t key[AES_BLOCK_SIZE] = {0};
aes_cmac_128_final(&ctx, res);
ZERO_ARRAY(key);
+#endif /* HAVE_GNUTLS_AES_CMAC */
} else {
uint8_t digest[gnutls_hmac_get_len(GNUTLS_MAC_SHA256)];
int rc;